You are viewing a single comment's thread from:
RE: Phishing site reported - www.steemitfollowup(dot)ml
Hey @arcange, thanks for helping warn others! You got automatically picked up by @guard as one of your links is actually a direct link to the phishing site. As explained here, we're hoping to get people to use non-clickable links (e.g., badwebsite(dot)com to warn people and avoid accidents. Please consider editing your post and doing this in the future! Thanks!
Hey @anyx,
That's a a great initiative to have @guard looking at links into posts. Better two warning tools than none.
I didn't mentioned the malicious websites in any link on my post. I guess @guard was alerted by the title (which in non-clickable). Or maybe it has been triggered by the title of my previous scam alerts (which do not content any malicious URL)
Some links that you think may not be clickable (specifically, removing the www, or http://), actually are: as some browsers / extensions can make them clickable anyway to "help" the user. Accidents happen, especially on mobile when trying to scroll... and suddenly the wrong link is clicked :(
We've had users report they were compromised exactly this way, clicking the wrong link in a warning post.
Yep, this I fully understand.
But if you look at my post content, except in the title, there is no "wrong link".
I would be glad to know what exactly triggered @guard (you can provide me with the answer on steem.chat). Just my 2 cents to improve it.
@anyx is right, I initially tried to click the link before I read your post. and it wouldn't click..good thinking my friend!! Question, where is the best place to get steem power delegations other than lasing it from steemit. Theirs seems a bit pricey for a 90 day lease. Trying to get my reputation up a bit more so my upvotes will be worth more. I do a lot of curation, upvotes and resteems for @familyprotection so i would like to have access to much much more steempower. Resteeming this article.
Sirs @anyx and @arcange Thank you both and I also have a phishing site to report, steemil (DOT) com (Sorry didntmean to trigger the antiphishing bot but I had to TALK about steemil with an L not a T o with an l instea of a t, its VERY powerful as a short name like that with such a close resemblance to steemit, and maybe on a phone keyboard or in another languages key setups its easy to confusethe t for a lowercase L? Anyway the steemi . com LOOKS JUST LIKE steemit.com because your BRAIn will MAKE UP for the lack of a crossed T and cross the t FOR you! The lack of space under the letter I completes the optical illusion!
It si a POWERFUl mis spelling of the name steemit, and when you have a name like steemil runnning around, it sucks. And I believe my friend @steem4depoor got hacked with THIS phishing scam, and has to use abackup account @steemgh now since account recovery from @steemit still hasn't gotten back to him according to him, and they seem backed up at the moment, maybe they did freze it thought because the attacler has nit powered down his steempower yet?
Anywaythat steemil . Com phishing site looks just like stem its very advanced and would easily fool noob,
THE ONLY way I see to solve this is to start PRESSURING the new users to ONLY USING POSTING KEYS and Active keys to withdraw, but that Posting keys should be the ONLY thing you use when you login to a new browser etc.
If users are just entering in their owner key to steemconnect its hard to avoid but for steemil and other sites, we should encoruage people to just NEVER login to ANY steemconnect page UNLESS they get there through their OWN entering in of the steemconect url!
Sometimes I think we should have an Optional Service to allow a big experienced company to hold Oner keys, and allow custoers to have posting and active keys OR no keys at all and just login with username and password and 2FA, it would eba fuck lot easier if wehad our own 2FA, maybe have insurance on oru accounts if we pay a small fee, man I think new uesre shiuldnt be hndling keys, I think we should havea third party service , but I don't k ow if Post Rewards would fund something like that?
I hope 2FA is included in HF21 or something :D
Anyway man, Thank you for all your work and I hope the damage done by scammers and KNOWN accounst associated wiuth phishing are somehow removed or have comments removed from the front end, so that people have the safety they deserve, AND it won't hurt OTHERpeoepls freedoms! It canbe an Opt In system to auo remove and BLACKLIST know scammer content form YOUR own brower, likethrough @armandocat ;s Steemit Plus crhome extension, we could EASILY just have a Blocked user black list, and intead of making a new uer manually go an block all the known black lited accounst we could have the extensin just remove them all automatical to make using steem a lot safer? Anyway sorry if I am rambling I am getting tired but I just have so many thoughts about ll of this stuff, its such a cray problem to deal with all the spheres of privacy blockchain secuity freeom all at once here!
WARNING! The comment below by @ackza leads to a known phishing site that could steal your account.
Do not open links from users you do not trust. Do not provide your private keys to any third party websites.
Sorry didn't men to trigger the anti phishing botbut I forgotto buta spacebetween the steemil . Com like THAT, and I shouldn't have put that there b ui HAD to TALK about the probllem because no one elsewas and I made sure not to actually make it a clickable URL and I made the entir epost ABOUT how it was a known phishig site, I deletd that commenttho and made sure to reporst without the phishinglink as a LINK buti didn't know that would regitser, sorry, didn't mean for the false alarm.
Just want to make sure people don't think my account is hacked or something, sorry false alarm everyone